Hussein Galal
7b62900836
[Release-1.21] Add cert rotation command ( #4632 )
...
* Add cert rotation command (#4495 )
* Add cert rotation command
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* add function to check for dynamic listener file
Signed-off-by: Brian Downs <brian.downs@gmail.com>
* Add dynamiclistener cert rotation support
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fixes to the cert rotation
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fix ci tests
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fixes to certificate rotation command
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* more fixes
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
Co-authored-by: Brian Downs <brian.downs@gmail.com>
* Upgrade dynamic listener
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* go mod tidy
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
Co-authored-by: Brian Downs <brian.downs@gmail.com>
2021-12-06 19:45:21 +02:00
Manuel Buil
1390792919
Improve flannel logging
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-12-01 18:46:07 +01:00
Chris Kim
a622dd57f3
[release-1.21] etcd snapshot functionality enhancements ( #4606 )
...
* etcd snapshot functionality enhancements (#4453 )
Signed-off-by: Chris Kim <oats87g@gmail.com>
* feat: add option to disable s3 over https
Signed-off-by: Chris Kim <oats87g@gmail.com>
* Prevent snapshot commands from creating empty snapshot directory (#3783 )
Signed-off-by: Chris Kim <oats87g@gmail.com>
Co-authored-by: Devin Buhl <devin.kray@gmail.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2021-11-29 13:30:00 -08:00
Brad Davidson
ac70570999
go generate
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-11-23 16:39:31 -08:00
Hussein Galal
1847a711e7
Fix regression with cluster reset ( #4524 )
...
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-11-18 19:21:52 +02:00
Manuel Buil
fd71ed9f4a
Allow svclb pod to enable ipv6 forwarding
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-11-17 19:50:00 +01:00
Manuel Buil
43e15c4028
Backport updating cniplugins version and klipper-lb images
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-11-17 12:27:51 +01:00
Manuel Buil
256f5d504a
Merge pull request #4513 from manuelbuil/backport_dual-stack
...
[Release 1.21] Backport dual stack
2021-11-17 08:36:42 +01:00
Derek Nola
88e77fdbfd
Improved regex for double equals arguments ( #4508 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2021-11-16 11:31:46 -08:00
Manuel Buil
e777b2c767
Dual-stack support LB controller
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-11-16 18:50:41 +01:00
Manuel Buil
6854470a14
Merge pull request #4503 from manuelbuil/fix_dualStack_bug
...
[Release 1.21] Fix bug in dual-stack
2021-11-16 10:30:04 +01:00
Manuel Buil
7de34a0059
Fix bug in dual-stack
...
We forgot to remove the check to allow dual-stack and flannel
Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-11-16 09:11:56 +01:00
Derek Nola
93cf545ab2
[Release-1.21] Removed warning about skipping flags ( #4493 )
...
* Remove skip warning
* Add warning back in without value
Signed-off-by: Derek Nola <derek.nola@suse.com>
2021-11-15 13:19:26 -07:00
Derek Nola
119b1aeb25
[Release-1.21] etcd-snapshot loading config fails with "flag provided but not defined" ( #4482 )
...
* Match to last After keyword for parser (#4383 )
* Fix to allow etcd-snapshot to use config file with flags that are only used with k3s server. (#4464 )
Signed-off-by: Derek Nola <derek.nola@suse.com>
2021-11-12 11:10:37 -08:00
Chris Kim
334eae119a
[release-1.21] Add etcd extra args support for K3s ( #4471 )
...
* Export cli server flags and etcd restoration functions (#3527 )
* Export cli server flags and etcd restoration functions
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* export S3
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
Signed-off-by: Chris Kim <oats87g@gmail.com>
* Add etcd extra args support for K3s
Signed-off-by: Chris Kim <oats87g@gmail.com>
* Remove integration test
Signed-off-by: Chris Kim <oats87g@gmail.com>
Co-authored-by: Hussein Galal <galal-hussein@users.noreply.github.com>
2021-11-11 20:36:17 -08:00
Brad Davidson
10c854c00e
Increase agent's apiserver ready timeout ( #4457 )
...
Since we now start the server's agent sooner and in the background, we
may need to wait longer than 30 seconds for the apiserver to become
ready on downstream projects such as RKE2.
Since this essentially just serves as an analogue for the server's
apiReady channel, there's little danger in setting it to something
relatively high.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-11-11 14:03:44 -07:00
Brad Davidson
c9d4543c99
go generate
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-11-10 17:36:35 -08:00
Brian Downs
864e800896
[Release-1.21] All bootstrap backport ( #4452 )
...
Add ability to reconcile bootstrap data between datastore and disk (#3398 )
2021-11-10 16:20:46 -07:00
Brad Davidson
df033fa248
Fix log/reap reexec
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-11-01 14:59:08 -07:00
Brad Davidson
254d2f696e
Fix other uses of NewForConfigOrDie in contexts where we could return err
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 3da1bb3af2)
2021-10-29 16:43:47 -07:00
Brad Davidson
388963440d
Watch the local Node object instead of get/sleep looping
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 5acd0b9008)
2021-10-29 16:43:47 -07:00
Brad Davidson
afa1981f1d
Block scheduler startup on untainted node when using embedded CCM
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 3fe460d080)
2021-10-29 16:43:47 -07:00
Brad Davidson
bb50c45a6f
Revert "Backport bootstrap release 1.21 ( #4313 )"
...
This reverts commit f0ea0a0946
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-10-27 14:17:22 -07:00
galal-hussein
d413f97146
Update peer address when running cluster-reset
...
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-10-25 15:45:51 -07:00
Brian Downs
f0ea0a0946
Backport bootstrap release 1.21 ( #4313 )
2021-10-25 13:03:21 -07:00
Derek Nola
50fb1ce065
Added configuration input to etcd-snapshot ( #4280 ) ( #4282 )
...
Signed-off-by: dereknola <derek.nola@suse.com>
2021-10-22 13:08:22 -07:00
Manuel Buil
11dce34b4e
Update to the newest flannel
...
Fixes issues such as the internode connectivity
Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-10-21 13:02:18 +02:00
Manuel Buil
41b0997e31
Add dual-stack support
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-10-21 10:29:03 +02:00
Brad Davidson
a18c2efb4c
Refactor log and reaper exec to omit MAINPID
...
Using MAINPID breaks systemd's exit detection, as it stops watching the
original pid, but is unable to watch the new pid as it is not a child
of systemd itself. The best we can do is just notify when execing the child
process.
We also need to consolidate forking into a single place so that we don't
end up with multiple levels of child processes if both redirecting log
output and reaping child processes.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit dc18ef2e51)
2021-10-20 14:36:54 -07:00
Brad Davidson
504e249a5e
Add containerd ready channel to delay etcd node join
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 88178ae65e)
2021-10-20 11:06:12 -07:00
Brad Davidson
e814850eef
Fix premature etcd shutdown when joining an existing cluster
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 086ca8ba6a)
2021-10-20 11:06:12 -07:00
Brad Davidson
557d425010
Minor cleanup on cribbed function
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 57377d2cd4)
2021-10-20 11:06:12 -07:00
Brad Davidson
4f28561e34
Wait for apiserver readyz instead of healthz
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 3449d5b9f9)
2021-10-20 11:06:12 -07:00
Manuel Buil
89f5721a3a
Fix race condition in cloud provider
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-10-19 10:25:34 +02:00
Brian Downs
4aa9553978
[Release-1.21] - Add etcd s3 timeout ( #4207 ) ( #4228 )
2021-10-18 10:45:38 -07:00
Hussein Galal
22f7f1c41a
Make sure there are no duplicates in etcd member list ( #4025 ) ( #4213 )
...
* Make sure there are no duplicates in etcd member list
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fix node names with hyphens
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* use full server name for etcd node name
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-10-14 23:39:24 +02:00
Hussein Galal
e7bf7b141f
Display cluster tls error only in debug mode ( #4201 )
...
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-10-13 01:10:54 +02:00
Brian Downs
aa5a0a8c78
set transport to skip verify if se skip flag passed ( #4102 ) ( #4104 )
2021-10-07 12:47:32 -07:00
Derek Nola
3ee5098225
Add "etcd-" prefix to etcd-snapshot commands as aliases ( #4161 ) ( #4171 )
...
* Add "etcd-" prefix to etcd-snapshot commands as alias
Signed-off-by: dereknola <derek.nola@suse.com>
2021-10-07 12:26:36 -07:00
Brad Davidson
69a9f46bce
Don't evacuate the root cgroup when rootless
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-10-01 16:19:07 -07:00
Brad Davidson
38ddda587a
Properly handle operation as init process
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-09-28 11:33:45 -07:00
Manuel Buil
15f3a2ebfb
Enable the inheritance of settings for ipv6
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-09-28 18:05:33 +02:00
dereknola
8c2f7ac41c
Remove experimental from cluster commands
...
Signed-off-by: dereknola <derek.nola@suse.com>
2021-09-17 15:37:45 -07:00
Chris Kim
acad8ef840
[release-1.21] Update Kubernetes to v1.21.5 ( #4032 )
...
* Update to v1.21.5
Signed-off-by: Chris Kim <oats87g@gmail.com>
2021-09-17 09:21:32 -07:00
Chris Kim
6acee2e2f5
No-op when etcd member was already removed and use existing name for etcd controller ( #4015 )
...
Signed-off-by: Chris Kim <oats87g@gmail.com>
2021-09-15 07:36:10 -07:00
Chris Kim
863512e055
Initial leader elected etcd member management controller ( #4010 )
...
Signed-off-by: Chris Kim <oats87g@gmail.com>
2021-09-14 10:19:42 -07:00
Brad Davidson
37caf87d6d
Add exposed metrics listener instead of replacing loopback listener
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-09-10 10:03:49 -07:00
Brad Davidson
a8a6edfb0d
Add missing node name entry to apiserver SAN list
...
Also honor node-ip when adding the node address to the SAN list, instead
of hardcoding the autodetected IP address.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-09-01 13:22:50 -07:00
Hussein Galal
659307d327
Fix condition for adding kubernetes endpoints ( #3941 ) ( #3946 )
...
* Fix condition for adding kubernetes endpoints
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Fix condition for adding kubernetes endpoints
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-08-31 19:37:42 +02:00
Brad Davidson
7cf85c235a
Fix issue where addon checksum was never stored
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-08-27 10:26:38 -07:00
Hussein Galal
656c190629
Reset load balancer state during restoration ( #3878 )
...
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
Reset load balancer state during restoration
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-08-18 18:59:03 +02:00
Malte Starostik
e45726f610
Fix URL pruning when joining an etcd member
...
* Fix URL pruning when joining an etcd member
Problem:
Existing member clientURLs were checked if they contain the joining
node's IP. In some edge cases this would prune valid URLs when the
joining IP is a substring match of the only existing member's IP.
Because of this, it was impossible to e.g. join 10.0.0.2 to an existing
node that has an IP of 10.0.0.2X or 10.0.0.2XX:
level=fatal msg="starting kubernetes: preparing server: start managed database:
joining etcd cluster: etcdclient: no available endpoints"
Solution:
Fixed by properly parsing the URLs and comparing the IPs for equality
instead of substring match.
Signed-off-by: Malte Starostik <info@stellaware.de>
(cherry picked from commit b23955e835)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-08-13 11:49:26 -07:00
Brian Downs
18bc38d838
account for an s3 folder when listing objects ( #3807 ) ( #3812 )
...
* account for an s3 folder when listing objects
2021-08-09 17:35:14 -07:00
Hussein Galal
12ec437605
fix Node stuck at deletion ( #3775 )
...
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-08-05 23:23:34 +02:00
Hussein Galal
cc694b1f09
Notify systemd for etcd only node ( #3733 )
...
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-07-30 00:41:52 +02:00
Derek Nola
e6247d583c
[Backport 1.21] Cannot write data to local PVC ( #3721 )
...
* Fix to allow non-root users access to storage volumes. (#3714 )
* Fix to prevent non-root users from accessing storage directory, while allowing non-root users access to subdirectories.
Signed-off-by: dereknola <derek.nola@suse.com>
2021-07-28 13:47:22 -07:00
galal-hussein
786f91b997
Fix multiple bootstrap keys found
...
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
migrate empty string key properly
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
simplifying the code
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
migrate old token key format
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
fix warning msg
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
replace error with warn in delete
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
more fixes
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
more fixes
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-07-21 22:54:25 +02:00
Derek Nola
c15259d925
Fix to allow prune to correctly cleanup custom named snapshots ( #3649 ) ( #3672 )
...
Signed-off-by: dereknola <derek.nola@suse.com>
2021-07-20 12:17:10 -07:00
Hussein Galal
9859ec7a81
[release-1.21] - Backport Fix storing bootstrap data with empty token string ( #3514 )
...
* Fix storing bootstrap data with empty token string (#3422 )
* Fix storing bootstrap data with empty token string
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* delete node password secret after restoration
fixes to bootstrap key
vendor update
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fix comment
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fix typo
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* more fixes
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fixes
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fixes
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* typos
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Removing dynamic listener file after restoration
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* go mod tidy
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fix a runtime core panic
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* update kine
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Fix calling delete in kine
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-07-13 22:28:38 +02:00
Brad Davidson
5a88b5b3ea
Emit events for AddOn lifecycle
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit a7d1159ba6)
2021-07-12 12:12:11 -07:00
Brad Davidson
ab0520f44e
Add comments, clean up imports and function names
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit ea2cd6d727)
2021-07-12 12:12:11 -07:00
Brad Davidson
411d7e6753
Tidy up function calls with many args
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 6e48ca9b53)
2021-07-12 12:12:11 -07:00
Brad Davidson
ff0451c4dd
Add nodename to UA string for deploy controller
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 6ef000091a)
2021-07-09 14:27:29 -07:00
Brian Downs
c3d134a405
prevent snapshot save when snapshots are disabled ( #3475 ) ( #3610 )
...
* prevent snapshot save when snapshots are disabled
2021-07-09 12:09:35 -07:00
Chris Kim
42ab13a869
Update etcd snapshot error message to be more informative when etcd database is not found ( #3592 )
...
Signed-off-by: Chris Kim <oats87g@gmail.com>
2021-07-08 15:01:05 -07:00
Derek Nola
0c5577a8ec
[Backport 1.21] Update embedded kube-router ( #3557 ) ( #3595 )
...
* Update embedded kube-router
Signed-off-by: dereknola <derek.nola@suse.com>
2021-07-07 15:04:23 -07:00
Derek Nola
0c2d8376d0
Changes local storage pods to have 700 permissions ( #3537 ) ( #3548 )
...
* Changes local storage pods to have 700 permissions
Signed-off-by: dereknola <derek.nola@suse.com>
2021-06-30 09:22:44 -07:00
Chris Kim
65e521140a
[Backport 1.21] Move cloud-controller-manager into an embedded executor ( #3530 )
...
* Move cloud-controller-manager into an embedded executor
* Import K3s cloud provider and clean up imports
Signed-off-by: Chris Kim <oats87g@gmail.com>
2021-06-29 07:28:55 -07:00
Brian Downs
3224f6b56d
fix possible race where bootstrap data might not save
...
Signed-off-by: Brian Downs <brian.downs@gmail.com>
2021-06-24 11:05:35 -07:00
Derek Nola
c35761d169
Renamed client-cloud-controller crt and key ( #3472 )
...
Signed-off-by: dereknola <derek.nola@suse.com>
2021-06-16 14:55:43 -07:00
Brian Downs
8651d6af5f
Send systemd notifications for both server and agent ( #3430 ) ( #3460 )
...
* update agent to send systemd notify after everything starts
2021-06-15 12:16:15 -07:00
Brad Davidson
eac48f69bc
Add kubernetes.default.svc to serving certs
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-06-08 16:24:16 -07:00
Brian Downs
3db7f98853
Merge pull request #3354 from briandowns/backport_etcd_subcommands-1.21
...
[ Backport 1.21 ] - etcd subcommands 1.21
2021-06-08 10:23:20 -07:00
Derek Nola
16ae282c7a
Fix RBAC cloud-controller-manager name 3308 ( #3388 ) ( #3408 )
...
* Changed cloud-controller-manager user name in ccm.yaml
* Changed RBAC name in server.go and deps.go
Signed-off-by: dereknola <derek.nola@suse.com>
2021-06-07 08:46:24 -07:00
Manuel Buil
ff54d8c96d
Add a path for wireguard's privatekey
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-06-04 09:00:35 +02:00
Brian Downs
8fd180e0d9
move object channel defer close to goroutine
...
Signed-off-by: Brian Downs <brian.downs@gmail.com>
2021-05-19 14:49:48 -07:00
Brian Downs
69795277be
add retention default and wire in s3 prune
...
Signed-off-by: Brian Downs <brian.downs@gmail.com>
2021-05-19 14:49:44 -07:00
Brian Downs
58649c5e85
add etcd snapshot save subcommand
...
Signed-off-by: Brian Downs <brian.downs@gmail.com>
2021-05-19 14:49:38 -07:00
Brad Davidson
67651aee58
Handle conntrack-related sysctls in supervisor agent setup
...
(cherry picked from commit 7e175e8ad4)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-05-18 22:25:33 -07:00
Brian Downs
6ee28214fa
Add the ability to prune etcd snapshots ( #3310 )
...
* add prune subcommand to force retention policy enforcement
2021-05-13 13:36:33 -07:00
Brad Davidson
079620ded0
Fix passthrough of SystemDefaultRegistry from server config
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-05-13 02:18:09 -07:00
MonzElmasry
24474c5734
change --disable-apiserver flag
...
Signed-off-by: MonzElmasry <menna.elmasry@rancher.com>
2021-05-13 00:00:11 +02:00
Brad Davidson
e10524a6b1
Add executor.Bootstrap hook for pre-execution setup
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-05-11 18:46:15 -07:00
Brian Downs
bcd8b67db4
Add the ability to list etcd snapshots ( #3303 )
...
* add ability to list local and s3 etcd snapshots
2021-05-11 16:59:33 -07:00
Brad Davidson
02a5bee62f
Add system-default-registry support and remove shared code ( #3285 )
...
* Move registries.yaml handling out to rancher/wharfie
* Add system-default-registry support
* Add CLI support for kubelet image credential providers
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-05-10 15:58:41 -07:00
Hussein Galal
948295e8e8
Fix cluster restoration in rke2 ( #3295 )
...
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-05-11 00:06:33 +02:00
Brad Davidson
fc037e87f8
Use config file values in node-args annotation
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-05-10 14:08:02 -07:00
Brian Downs
e998cd110d
Add the ability to delete an etcd snapshot locally or from S3 ( #3277 )
...
* Add the ability to delete a given set of etcd snapshots from the CLI for locally stored and S3 store snapshots.
2021-05-07 16:10:04 -07:00
Siegfried Weber
e77fd18270
Sign CSRs for kubelet-serving with the server CA
...
Problem:
Only the client CA is passed to the kube-controller-manager and
therefore CSRs with the signer name "kubernetes.io/kubelet-serving" are
signed with the client CA. Serving certificates must be signed with the
server CA otherwise e.g. "kubectl logs" fails with the error message
"x509: certificate signed by unknown authority".
Solution:
Instead of providing only one CA via the kube-controller-manager
parameter "--cluster-signing-cert-file", the corresponding CA for every
signer is set with the parameters
"--cluster-signing-kube-apiserver-client-cert-file",
"--cluster-signing-kubelet-client-cert-file",
"--cluster-signing-kubelet-serving-cert-file", and
"--cluster-signing-legacy-unknown-cert-file".
Signed-off-by: Siegfried Weber <mail@siegfriedweber.net>
2021-05-05 15:59:57 -07:00
Hussein Galal
f410fc7d1e
Invoke cluster reset function when only reset flag is passed ( #3276 )
...
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-05-05 17:40:04 +02:00
Brian Downs
beb0d8397a
reference node name when needed
...
Signed-off-by: Brian Downs <brian.downs@gmail.com>
2021-05-04 10:03:28 -07:00
Brian Downs
c5ad71ce0b
Collect and Store etcd Snapshots and Metadata ( #3239 )
...
* Add the ability to store local etcd snapshots and etcd snapshots stored in an S3 compatible object store in a ConfigMap.
2021-04-30 18:26:39 -07:00
Hussein Galal
2db3bf7a89
Export CriConnection function ( #3225 )
...
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-04-29 22:11:19 +02:00
Brad Davidson
3cb4ca4b35
Use same SANs on ServingKubeAPICert as dynamiclistener
...
The kube-apiserver cert should have the same SANs in the same order,
excluding the extra user-configured SANs since this will only be used
in-cluster.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-04-28 09:58:19 -07:00
Darren Shepherd
8f1a20c0d3
Add ability to append to slice during config file merge
...
If key ends in "+" the value of the key is appended to previous
values found. If values are string instead of a slice they are
automatically converted to a slice of one string.
Signed-off-by: Darren Shepherd <darren@rancher.com>
2021-04-27 15:59:03 -07:00
Brad Davidson
2705431d96
Add support for dual-stack Pod/Service CIDRs and node IP addresses ( #3212 )
...
* Add support for dual-stack cluster/service CIDRs and node addresses
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-04-21 15:56:20 -07:00
Darren Shepherd
a0a1071aa5
Support .d directory for k3s config file ( #3162 )
...
Configuration will be loaded from config.yaml and then config.yaml.d/*.(yaml|yml) in
alphanumeric order. The merging is done by just taking the last value of
a key found, so LIFO for keys. Slices are not merged but replaced.
Signed-off-by: Darren Shepherd <darren@rancher.com>
2021-04-15 11:29:24 -07:00
Brad Davidson
601c4984f5
Fix service-account-issuer
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-04-14 14:51:42 -07:00
Brad Davidson
e8381db778
Update Kubernetes to v1.21.0
...
* Update Kubernetes to v1.21.0
* Update to golang v1.16.2
* Update dependent modules to track with upstream
* Switch to upstream flannel
* Track changes to upstream cloud-controller-manager and FeatureGates
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-04-14 14:51:42 -07:00
Brian Downs
66ed6efd57
Resolve local retention issue when S3 in use.
...
Remove early return preventing local retention policy to be enforced
resulting in N number of snapshots being stored.
Signed-off-by: Brian Downs <brian.downs@gmail.com>
2021-04-14 10:40:08 -07:00